diff options
author | Björn Schießle <schiessle@owncloud.com> | 2013-06-25 12:21:54 +0200 |
---|---|---|
committer | Björn Schießle <schiessle@owncloud.com> | 2013-07-05 15:58:55 +0200 |
commit | 3e4dcafa892b7fe73dcd9afba65ded290dd54734 (patch) | |
tree | e48f3f82b165aa88dea3eae83909942cb0942df9 | |
parent | 9c855f7b3d97b312095ba53a08fe45b71ca06c98 (diff) | |
download | nextcloud-server-3e4dcafa892b7fe73dcd9afba65ded290dd54734.tar.gz nextcloud-server-3e4dcafa892b7fe73dcd9afba65ded290dd54734.zip |
handle system wide mount points
-rwxr-xr-x | apps/files_encryption/lib/keymanager.php | 49 | ||||
-rw-r--r-- | apps/files_encryption/lib/util.php | 30 |
2 files changed, 62 insertions, 17 deletions
diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php index e911c1785df..084abdb2c2e 100755 --- a/apps/files_encryption/lib/keymanager.php +++ b/apps/files_encryption/lib/keymanager.php @@ -126,7 +126,12 @@ class Keymanager { $util = new Util($view, \OCP\User::getUser()); list($owner, $filename) = $util->getUidAndFilename($path); - $basePath = '/' . $owner . '/files_encryption/keyfiles'; + // in case of system wide mount points the keys are stored directly in the data directory + if (self::isSystemWideMountPoint($filename)) { + $basePath = '/files_encryption/keyfiles'; + } else { + $basePath = '/' . $owner . '/files_encryption/keyfiles'; + } $targetPath = self::keySetPreparation($view, $filename, $basePath, $owner); @@ -233,7 +238,12 @@ class Keymanager { list($owner, $filename) = $util->getUidAndFilename($filePath); $filePath_f = ltrim($filename, '/'); - $keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key'; + // in case of system wide mount points the keys are stored directly in the data directory + if (self::isSystemWideMountPoint($filename)) { + $keyfilePath = '/files_encryption/keyfiles/' . $filePath_f . '.key'; + } else { + $keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key'; + } $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; @@ -341,19 +351,20 @@ class Keymanager { list($owner, $filename) = $util->getUidAndFilename($path); - $basePath = '/' . $owner . '/files_encryption/share-keys'; + // in case of system wide mount points the keys are stored directly in the data directory + if (self::isSystemWideMountPoint($filename)) { + $basePath = '/files_encryption/share-keys'; + } else { + $basePath = '/' . $owner . '/files_encryption/share-keys'; + } $shareKeyPath = self::keySetPreparation($view, $filename, $basePath, $owner); // try reusing key file if part file if (self::isPartialFilePath($shareKeyPath)) { - $writePath = $basePath . '/' . self::fixPartialFilePath($shareKeyPath) . '.' . $userId . '.shareKey'; - } else { - $writePath = $basePath . '/' . $shareKeyPath . '.' . $userId . '.shareKey'; - } $proxyStatus = \OC_FileProxy::$enabled; @@ -440,8 +451,13 @@ class Keymanager { $util = new Util($view, \OCP\User::getUser()); list($owner, $filename) = $util->getUidAndFilename($filePath); - $shareKeyPath = \OC\Files\Filesystem::normalizePath( - '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey'); + + // in case of system wide mount points the keys are stored directly in the data directory + if (self::isSystemWideMountPoint($filename)) { + $shareKeyPath = '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey'; + } else { + $shareKeyPath = '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey'; + } if ($view->file_exists($shareKeyPath)) { @@ -568,4 +584,19 @@ class Keymanager { return $targetPath; } + + /** + * @brief check if the file is stored on a system wide mount point + * @param $path relative to /data/user with leading '/' + * @return boolean + */ + private static function isSystemWideMountPoint($path) { + $mount = OC_Mount_Config::getSystemMountPoints(); + foreach ($mount as $mountPoint => $data) { + if ($mountPoint == substr($path, 1, strlen($mountPoint))) { + return true; + } + } + return false; + } }
\ No newline at end of file diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index b3de85254e2..a5290013a4b 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -992,13 +992,9 @@ class Util { \OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled') && $this->recoveryEnabledForUser() ) { - $recoveryEnabled = true; - } else { - $recoveryEnabled = false; - } // Make sure that a share key is generated for the owner too @@ -1019,20 +1015,24 @@ class Util { // If recovery is enabled, add the // Admin UID to list of users to share to if ($recoveryEnabled) { - // Find recoveryAdmin user ID $recoveryKeyId = \OC_Appconfig::getValue('files_encryption', 'recoveryKeyId'); - // Add recoveryAdmin to list of users sharing $userIds[] = $recoveryKeyId; - } // add current user if given if ($currentUserId !== false) { - $userIds[] = $currentUserId; + } + // check if it is a group mount + $mount = OC_Mount_Config::getSystemMountPoints(); + foreach ($mount as $mountPoint => $data) { + if ($mountPoint == substr($ownerPath, 1, strlen($mountPoint))) { + $userIds = array_merge($userIds, + $this->getUserWithAccessToMountPoint($data['applicable']['users'], $data['applicable']['groups'])); + } } // Remove duplicate UIDs @@ -1042,6 +1042,20 @@ class Util { } + private function getUserWithAccessToMountPoint($users, $groups) { + $result = array(); + if (in_array('all', $users)) { + $result = \OCP\User::getUsers(); + } else { + $result = array_merge($result, $users); + foreach ($groups as $group) { + $result = array_merge($result, \OC_Group::usersInGroup($group)); + } + } + + return $result; + } + /** * @brief start migration mode to initially encrypt users data * @return boolean |